Scripted REST API - Update or Create incident (Allow all fields)

Go to solution
GB14
Kilo Patron

‎08-28-2024 07:21 PM

how can we allow access to all fields in the scripted rest API (POST and PATCH)? 

 

For some internal security reasons, we are unable to use the OOB Table API. 

 

I have created GET - All fields (working fine) 

 

I am looking for some guidance or suggestions for POST and PATCH api. 

 

Thanks in advance,

G

0 Helpfuls
  • 1,065 Views
1 ACCEPTED SOLUTION

Go to solution
ShubhamGarg
Kilo Sage

‎08-29-2024 12:04 AM

Hello @GB14 ,

 

For all integration calls where data is needed to be fetched from ServiceNow, best way is to use Table API. If there are appropriate Access controls are defined in the instance and proper authentication-authorised channels (using certificates) are defined, there should not be any security concerns.

 

Scripted Rest API can also be used. Make sure while sending the response you are sending the limited field data which is needed, other field data you need not to send.

 

If my response helps you in any way, kindly mark this as Accepted Solution/Helpful and help in closing this thread.

Regards,

Shubham

View solution in original post

0 Helpfuls
3 REPLIES 3

Go to solution
ShubhamGarg
Kilo Sage

‎08-29-2024 12:04 AM

Hello @GB14 ,

 

For all integration calls where data is needed to be fetched from ServiceNow, best way is to use Table API. If there are appropriate Access controls are defined in the instance and proper authentication-authorised channels (using certificates) are defined, there should not be any security concerns.

 

Scripted Rest API can also be used. Make sure while sending the response you are sending the limited field data which is needed, other field data you need not to send.

 

If my response helps you in any way, kindly mark this as Accepted Solution/Helpful and help in closing this thread.

Regards,

Shubham

0 Helpfuls

Go to solution
Amit Verma
Kilo Patron
Kilo Patron

‎08-29-2024 01:00 AM

Hi @GB14 

 

You can refer below links which will give you a start :

https://www.servicenow.com/community/developer-articles/my-experience-with-scripted-rest-apis-and-so...

https://docs.servicenow.com/bundle/xanadu-api-reference/page/app-store/good_practices/scripted-rest/...

 

I will still suggest you to go ahead with Table API as you can easily address security concerns with ServiceNow recommended best practices.

 

Thanks and Regards

Amit Verma


Please mark this response as correct and helpful if it assisted you with your question.

Go to solution
GB14
Kilo Patron

‎09-11-2024 06:29 AM

Thanks Shubham and Ankit. 

 

We decided to go with the mix of API. 
Scripted for GET and OOB for POST. 

 

Thank you 

0 Helpfuls